Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/BJXKJP-W89HKJxERzj6nWimgQG0.roa
File: BJXKJP-W89HKJxERzj6nWimgQG0.roa (raw, json)
Hash identifier: Gl1MIRSRtPwegDwjTM4SHxNGn8wK4TgWSCL2s01sP+c=
Subject key identifier: 04:95:CA:24:FF:96:F3:D1:CA:27:11:11:CE:3E:A7:5A:29:A0:40:6D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA29880CBE3947EEDE554EDE10F234D9
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/BJXKJP-W89HKJxERzj6nWimgQG0.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206804
IP address blocks: 85.203.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 11:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:88:0c:be:39:47:ee:de:55:4e:de:10:f2:34:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0495ca24ff96f3d1ca271111ce3ea75a29a0406d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4d:4f:3f:e3:86:49:4f:f8:8d:9a:8c:55:43:
02:4a:fb:db:ae:bf:2f:e0:15:63:29:03:32:2a:34:
85:70:0a:7b:fe:8f:f8:74:f0:02:a9:a2:0a:ed:43:
4e:4a:4f:13:2d:8c:a0:2c:b3:ac:e9:42:4c:6f:73:
f0:df:9b:a6:68:54:5a:d6:16:db:d1:8a:eb:21:e5:
f8:09:30:e8:de:f0:0c:d2:b3:93:02:f2:32:f7:ad:
8b:82:fa:5a:be:51:2a:45:ac:95:22:69:13:ef:c8:
35:e0:34:86:66:05:63:bb:c2:59:2f:d5:9d:22:45:
69:90:c4:bb:98:22:20:0c:e5:3a:57:b7:91:02:58:
d7:2c:4e:1a:31:29:78:a0:6a:18:82:20:fe:8d:c6:
0f:72:be:b3:20:97:46:2b:9b:02:5b:1d:fd:50:fe:
b3:4e:c9:33:ab:37:9a:66:54:96:87:75:f8:ac:ea:
a8:a6:6f:6d:80:4f:ba:f4:13:4d:4d:3b:22:2a:f9:
8b:92:22:13:98:a6:0a:9b:ee:e9:21:bb:73:c9:83:
14:a2:30:8b:68:df:68:d0:54:9b:56:34:8c:de:07:
6b:a3:2d:04:57:bf:ac:a0:e8:f5:77:b3:25:61:52:
8f:cd:21:b2:f8:45:c1:ba:d9:12:7d:fd:74:f5:2d:
ab:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:95:CA:24:FF:96:F3:D1:CA:27:11:11:CE:3E:A7:5A:29:A0:40:6D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/BJXKJP-W89HKJxERzj6nWimgQG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.39.0/24
Signature Algorithm: sha256WithRSAEncryption
10:1f:66:9d:35:7c:84:e7:f0:3c:d6:5e:d6:83:c7:0d:b8:22:
42:82:78:c6:08:1a:0f:7c:eb:66:a6:1a:7d:2b:c5:49:40:04:
36:01:36:19:00:33:e0:64:e2:ed:08:65:de:fd:76:2d:88:ce:
bd:9d:03:76:83:21:6c:83:3b:6a:2c:b0:de:70:2b:3a:88:40:
be:2c:a3:cc:fb:86:16:89:c8:c1:10:1c:02:f4:2b:a6:87:b7:
d6:ee:92:8e:1c:a0:f2:ce:de:a1:62:ee:0f:19:c7:ac:2e:33:
7c:4c:92:4b:3b:5b:1e:c0:8d:62:44:8b:57:21:04:dc:71:f5:
5c:69:02:bb:4b:fd:99:67:b1:64:ae:23:b2:5e:a9:c4:41:bd:
2a:7f:0d:6f:aa:da:2a:68:f4:30:7b:60:e0:da:f2:e0:7a:7e:
e1:11:08:1e:5b:af:89:9f:43:10:d8:4b:3e:cb:d7:19:9e:59:
fa:e8:3c:98:92:90:a8:a3:e1:e7:57:3f:5e:8f:8f:79:a3:01:
16:b9:96:bb:1b:3c:65:86:48:f6:42:f3:7a:06:29:44:0f:cc:
ac:3b:7a:97:1a:44:26:2c:f0:24:73:d3:21:8c:1e:30:13:31:
4f:65:17:2b:34:1d:82:1d:d0:b4:c6:47:07:24:d5:13:23:3b:
d7:81:44:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKYgMvjlH7t5VTt4Q8jTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDk1Y2EyNGZmOTZmM2QxY2EyNzExMTFjZTNlYTc1YTI5YTA0MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk1PP+OGSU/4jZqMVUMCSvvbrr8v
4BVjKQMyKjSFcAp7/o/4dPACqaIK7UNOSk8TLYygLLOs6UJMb3Pw35umaFRa1hbb
0YrrIeX4CTDo3vAM0rOTAvIy962LgvpavlEqRayVImkT78g14DSGZgVju8JZL9Wd
IkVpkMS7mCIgDOU6V7eRAljXLE4aMSl4oGoYgiD+jcYPcr6zIJdGK5sCWx39UP6z
TskzqzeaZlSWh3X4rOqopm9tgE+69BNNTTsiKvmLkiITmKYKm+7pIbtzyYMUojCL
aN9o0FSbVjSM3gdroy0EV7+soOj1d7MlYVKPzSGy+EXButkSff109S2rYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASVyiT/lvPRyicREc4+p1opoEBtMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvQkpYS0pQLVc4OUhLSnhFUnpqNm5XaW1nUUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsnMA0G
CSqGSIb3DQEBCwUAA4IBAQAQH2adNXyE5/A81l7Wg8cNuCJCgnjGCBoPfOtmphp9
K8VJQAQ2ATYZADPgZOLtCGXe/XYtiM69nQN2gyFsgztqLLDecCs6iEC+LKPM+4YW
icjBEBwC9Cumh7fW7pKOHKDyzt6hYu4PGcesLjN8TJJLO1sewI1iRItXIQTccfVc
aQK7S/2ZZ7FkriOyXqnEQb0qfw1vqtoqaPQwe2Dg2vLgen7hEQgeW6+Jn0MQ2Es+
y9cZnln66DyYkpCoo+HnVz9ej495owEWuZa7Gzxlhkj2QvN6BilED8ysO3qXGkQm
LPAkc9MhjB4wEzFPZRcrNB2CHdC0xkcHJNUTIzvXgUQR
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:11:13 2025 by rpki-client